Description of problem: I don't know if this is connected to vpnc or any other component. When I installed Mageia 6 vpnc worked. But about a week ago vpnc gave the following message before exiting: ------------------------------- Error: either "to" is duplicate, or "uid" is a garbage. vpnc: quick mode response rejected: (ISAKMP_N_INVALID_PAYLOAD_TYPE)(1) this means the concentrator did not like what we had to offer. ------------------------------- How reproducible: Always Steps to Reproduce: 1.start vpnc 2.give password 3.have the message Looking around over the internet, it seems this is connect to a recent upgrade of vpnc or iproute2, but I don't know if these packages have been updated recently (many packages have been, but I did not keep trace)
(In reply to Alberto Girlando from comment #0) > > Looking around over the internet, it seems this is connect to a recent > upgrade of vpnc or iproute2, but I don't know if these packages have been > updated recently (many packages have been, but I did not keep trace) The last changelog message I see for vpnc is: ------------------------------------------------------------------------ r1120596 | umeabot | 2017-07-14 15:41:29 +0200 (vr, 14 jul 2017) | 1 line SILENT Branching for Mageia 6 ------------------------------------------------------------------------ So vpnc didn't get updated. However, iproute2-4.14.1-1.mga6 became available on 28 December https://advisories.mageia.org/MGAA-2017-0134.html That's three weeks ago, but many of our mirrors have had problems, so it is possible you updated it only a week ago. Please give the output of: rpm -qa --last | grep iproute2
Source RPM: vpnc-0.5.3-13.mga6 => vpnc-0.5.3-13.mga6, iproute2CC: (none) => marja11, tmb
Thanks Maria. Then it is iproute2, because I do not use vpnc quite often. Indeed this is the output of the rpm command: iproute2-4.14.1-1.mga6.x86_64 Fri 29 Dec 2017 08:11:30 AM Before opening the bug, I tried to downgrade with urpmi (this was the suggestion over the internet for arclinux or fedora): urpmi --downgrade iproute2 but this re-installed the present version.
you need to be specific about what to downgrade to, so: urpmi --downgrade iproute2-4.9.0-1.mga6
Thanks Thomas, I did not know how the command worked, or how I could see what the previous version was. Anyway, this solved the problem for me. I do not know if you want to close the bug, or change to iproute2 or whatever.
You can do: urpmq --sources No, its still a vpnc issue as it needs to cope with new iproute2 and its 4.14 support
Assigning to all packagers collectively, since there is no registered maintainer for this package.
Assignee: bugsquad => pkg-bugsSource RPM: vpnc-0.5.3-13.mga6, iproute2 => vpnc-0.5.3-13.mga6
Alberto, Can you please try this patched version of vpnc: ftp://kekepower.myftp.org/linux/shlomi/vpnc-0.5.3-14.mga6.x86_64.rpm Cheers, Stig
CC: (none) => smelror
Alberto, another solution may be to try openconnect. It's in MGA6, though "only" at version 6.00. openconnect-6.00-4.mga6 http://www.infradead.org/openconnect/ I have no idea if this works with the equipment you're trying to connect to, but it may be worth a try. Cheers, Stig
No Stig, patched version of vpnc does not work, gives same error as the non-patched one. I tried openconnect, and did not work, with a different error. Googling around I found that the protocol my University uses (juniper) is not implemented in version 6 of openconnect, but only in version 7. So I downgraded again iproute2.
Alberto. Thanks for taking the time to test. I'll see if I can help you with this. Cheers, Stig
I'm working with openconnect (7.08-1.mga6 ) and with iproute2-4.14.1-1.mga6, I can not use the vpn, and I have the following error : Error: either "to" is duplicate, or "uid" is a garbage. if I downgrade iproute2 to 4.9.0-1.mga6, the vpn is working again
CC: (none) => eric.gerbier
another tip : connexion to vpn by networkmanager graphical interface (with networkmanager-openconnect) works with iproute2-4.14.1-1. the problem appears just in command line
I've been having problems on Cauldron based machines getting vpnc over nw-manager to work (using Plasma) - although all settings are correct - no errors, just fails to connect (timeout) Under Linux Mint works just fine with exact same settings
CC: (none) => rfox
I am observing this on my fresh install of Mageia 6. I run openconnect as follows: # /usr/sbin/openconnect -u myusername myvpnprovider.com I noticed the output of /sbin/ip route get <my vpn IP address> (this is what the vpnc-script runs) includes the string 'uid' from the openconnect complaint. Also there's somebody else describing it at https://ask.fedoraproject.org/en/question/106252/openconnect-either-to-is-duplicate-or-uid-is-garbage/ I used the below diff to fix it and am able to vpn now: $ diff -u etc/vpnc/vpnc-script /etc/vpnc/vpnc-script --- etc/vpnc/vpnc-script 2016-02-12 21:19:30.000000000 +0100 +++ /etc/vpnc/vpnc-script 2019-02-24 17:57:45.422476999 +0100 @@ -116,7 +116,7 @@ if [ -n "$IPROUTE" ]; then fix_ip_get_output () { - sed 's/cache//;s/metric \?[0-9]\+ [0-9]\+//g;s/hoplimit[0-9]\+//g;s/ipid 0x....//g' + sed 's/cache//;s/metric \?[0-9]\+ [0-9]\+//g;s/hoplimit[0-9]\+//g;s/ipid 0x....//g;s/uid 0//g' } set_vpngateway_route() {
CC: (none) => tropikhajma
Created attachment 10783 [details] patch
(In reply to pavel heimlich from comment #15) > Created attachment 10783 [details] > patch Thanks for the patch. Can you please help me understand what the patch does? Cheers, Stig
it removes the string 'uid 0' from the output of /sbin/ip. This string apparently appeared there sometime after iproute2 4.9.0-1.mga6
Here's what the output of ip(8) looks like on my machine: # /sbin/ip route get <myvpnIPaddress> <myvpnIPaddress> via 192.168.3.1 dev enp4s0 src 192.168.3.240 uid 0 cache
I confirm: Patched vpnc 0.53.13.mga6 (x64) now works wit iproute2 4.14.1-1.mga6. Thank you Pavel ! The bug can be probably closed.
note you should use something like 'uid [0-9]\+' instead of 'uid 0' so it works also for users other than root.
I have tested the given patch too, and I also confirm : it works !
Mageia 6 changed to end-of-life (EOL) status on 2019-09-30. It is no longer maintained, which means that it will not receive any further security or bug fix updates. Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Mageia version. Bug Reporter: Thank you for reporting this issue and we are sorry that we weren't able to fix it before Mageia 6's end of life. If you are able to reproduce it against a later version of Mageia, you are encouraged to click on "Version" and change it against that version of Mageia. Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Mageia release includes newer upstream software that fixes bugs or makes them obsolete. If you would like to help fixing bugs in the future, don't hesitate to join the packager team via our mentoring program [1] or join the teams that fit you most [2]. [1] https://wiki.mageia.org/en/Becoming_a_Mageia_Packager [2] http://www.mageia.org/contribute/ Best regards, Aurélien Bugsquad Team
Status: NEW => RESOLVEDResolution: (none) => FIXEDCC: (none) => ouaurelien